package com.yunhe.day322.config;

import com.yunhe.day322.domain.Product;
import com.yunhe.day322.service.UserService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.password.NoOpPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;


@Configuration
public class SecurityConfig extends WebSecurityConfigurerAdapter {
    @Autowired
    private UserService userService;
    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.userDetailsService(userService);
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        //资源放行
         http.authorizeRequests().antMatchers("/login.html","/403.html","/css/**","/js/**","/img/**","/plugins/**").permitAll();
         //限定登录的角色
        http.authorizeRequests().antMatchers("/**").hasAnyRole("ADMAIN","USER","ZUZHANG","BANZHANG","XUEWEI");
        //s所有资源必须登录访问
       http.authorizeRequests().antMatchers("/**").authenticated();


        //自定义登录页面
        http.formLogin().loginPage("/login.html").usernameParameter("username").passwordParameter("password").loginProcessingUrl("/login").defaultSuccessUrl("/index.html").failureUrl("/login.html");
        //禁用领域
        http.csrf().disable();
        //配置退出登录
        http.logout().logoutUrl("/loginOut").logoutSuccessUrl("/login.html");

        http.exceptionHandling().accessDeniedPage("/403.html");

    }
    @Bean
    public PasswordEncoder createPsswordEncoder(){
        return NoOpPasswordEncoder.getInstance();
    }
}

